WatchGuard has issued security updates to fix a critical remote code execution vulnerability (CVE-2025-9242) in its Firebox firewalls, which could allow attackers to execute malicious code if the devices are configured to use IKEv2 VPN. While the vulnerability has not been exploited in the wild, administrators are urged to patch their devices due to the attractive target that firewalls present to threat actors. A temporary workaround is also available for those unable to apply the updates immediately.